package com.shapawan.tourism.controller;

import com.baomidou.mybatisplus.core.metadata.IPage;
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
import com.shapawan.tourism.entity.AdminUser;
import com.shapawan.tourism.service.AdminUserService;
import com.shapawan.tourism.util.Result;
import com.shapawan.tourism.util.SecurityUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.web.bind.annotation.*;

import java.util.Arrays;
import java.util.Date;

@RestController
@RequestMapping("/api/admin-users")
public class AdminUserController {
    
    @Autowired
    private AdminUserService adminUserService;

    @GetMapping
    public Result<IPage<AdminUser>> list(Page<AdminUser> page) {
        // 获取当前登录用户
        AdminUser currentUser = SecurityUtils.getCurrentUser();
        IPage<AdminUser> userPage = adminUserService.page(page);
        
        // 如果不是超级管理员，移除敏感信息
        if (!"admin".equals(currentUser.getRole())) {
            userPage.getRecords().forEach(user -> {
                user.setPassword(null);
                user.setPhone(null);
                user.setEmail(null);
            });
        }
        return Result.success(userPage);
    }

    @PostMapping
    public Result<?> save(@RequestBody AdminUser adminUser) {
        // 获取当前登录用户
        AdminUser currentUser = SecurityUtils.getCurrentUser();
        
        // 只有超级管理员可以创建用户
        if (!"admin".equals(currentUser.getRole())) {
            return Result.error("无权限创建用户");
        }
        
        // 验证角色
        if ("admin".equals(adminUser.getRole())) {
            return Result.error("不能创建超级管理员");
        }
        
        // 验证角色是否为允许的值
        if (!Arrays.asList("editor", "merchant").contains(adminUser.getRole())) {
            return Result.error("无效的角色类型");
        }

        // 设置创建时间和更新时间
        Date now = new Date();
        adminUser.setCreateTime(now);
        adminUser.setUpdateTime(now);
        
        // 密码加密
        adminUser.setPassword(new BCryptPasswordEncoder().encode(adminUser.getPassword()));
        
        return Result.success(adminUserService.save(adminUser));
    }

    @PutMapping("/{id}")
    public Result<?> update(@PathVariable Integer id, @RequestBody AdminUser adminUser) {
        // 获取当前登录用户
        AdminUser currentUser = SecurityUtils.getCurrentUser();
        
        // 只有超级管理员可以更新用户
        if (!"admin".equals(currentUser.getRole())) {
            return Result.error("无权限修改用户信息");
        }
        
        // 不允许修改为超级管理员
        if ("admin".equals(adminUser.getRole())) {
            return Result.error("不能修改为超级管理员");
        }
        
        // 设置更新时间
        adminUser.setUpdateTime(new Date());
        
        // 如果密码被修改，需要重新加密
        if (adminUser.getPassword() != null && !adminUser.getPassword().isEmpty()) {
            adminUser.setPassword(new BCryptPasswordEncoder().encode(adminUser.getPassword()));
        }
        
        return Result.success(adminUserService.updateById(adminUser));
    }

    @DeleteMapping("/{id}")
    public Result<?> delete(@PathVariable Integer id) {
        // 获取当前登录用户
        AdminUser currentUser = SecurityUtils.getCurrentUser();
        
        // 只有超级管理员可以删除用户
        if (!"admin".equals(currentUser.getRole())) {
            return Result.error("无权限删除用户");
        }
        
        // 不能删除超级管理员
        AdminUser targetUser = adminUserService.getById(id);
        if (targetUser != null && "admin".equals(targetUser.getRole())) {
            return Result.error("不能删除超级管理员");
        }
        
        return Result.success(adminUserService.removeById(id));
    }
} 